https://bugs.documentfoundation.org/show_bug.cgi?id=94903
--- Comment #38 from Alex Thurgood <[email protected]> --- What about a similar issue I see on macOS Arm Silicon ? Should I open a separate report ? I have an EIDAS hardware certificate (USB key) issued by CertEurope that uses Trusted Key Manager for making the key available to the OS. I have set up a security device per the supplier's recommendations in Firefox so that the key is readable in a Firefox profile session after entry of a PIN associated with the certificate on the physical USB key. I can use this certificate to sign PDF files in Adobe Reader. I can also use the certificate within Firefox to login to a court CMS for which the certificate and key are provided for the filing of signed and authenticated transactions with the court CMS. However, in LibreOffice, after the usual idiocy of not being able to find a Certificate Manager, I can finally get LO to display an entry dialog for the PIN, when I click on the Sign button (which otherwise shows no available certificates). I can then sign an ODT, but LibreOffice reports that it could not verify the signature. One has to ask how it can activate the digital signature and not be able to validate it ? What use is a X509 signature that isn't validated by the software application that adds it to the document ? CertEurope uses SHA-256 with RSA Encryption. If I export the signed ODT to PDF(A/3b), opening the PDF in Adobe Reader doesn't show the document as being signed. If I create an ODT without a signature, export to PDF with signature, the signature is considered valid in the PDF when opened in Adobe Reader. Am I missing something, or does signing X590 within the ODT not do anything actually useful ? -- You are receiving this mail because: You are the assignee for the bug.
